Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Changing the domain password policy

From: Gary Collis <onesl1fox () 27 eclipse co uk>
Date: Mon, 16 Oct 2006 20:03:40 +0100
Hi List,
I am going to enforce some domain password standards on a w2k domain. I am going to set the password policy to a more complex level then it already is. 

The questions I have are;
There are a number of service and application accounts to which developers have set a number of weak passwords. So my plan is to contact the developers and request them to change passwords to these accounts, so applications and such do not break during transistion. What is the best way to do this?
In general is there anything else that anyone can recommend? What else should I consider? I am sure someone here must of done this before. What are your experiences of this? 

When is the password policy enforced?

Does this affect the domain admin account?

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: